background image

Seagate Enterprise Performance 10K HDD v8 Product Manual, Rev. A

  33

  

7.0

About self-encrypting drives

Self-encrypting drives (SEDs) offer encryption and security services for the protection of stored data, commonly known as 
“protection of data at rest.” These drives are compliant with the Trusted Computing Group (TCG) Enterprise Storage Specifications as 
detailed in Section 2.2.

The Trusted Computing Group (TCG) is an organization sponsored and operated by companies in the computer, storage and digital 
communications industry. Seagate’s SED models comply with the standards published by the TCG. 

To use the security features in the drive, the host must be capable of constructing and issuing the following two SCSI commands:

• Security Protocol Out

• Security Protocol In

These commands are used to convey the TCG protocol to and from the drive in their command payloads.

7.1

Data encryption

Encrypting drives use one inline encryption engine for each port, employing AES-256 data encryption in XEX-based tweaked-
codebook mode with ciphertext stealing (XTS) mode to encrypt all data prior to being written on the media and to decrypt all data

 

as it is read from the media. The encryption engines are always in operation and cannot be disabled.

The 32-byte Data Encryption Key (DEK) is a random number which is generated by the drive, never leaves the drive, and is 
inaccessible to the host system. The DEK is itself encrypted when it is stored on the media and when it is in volatile temporary

 

storage (DRAM) external to the encryption engine. A unique data encryption key is used for each of the drive's possible 32 data

 

bands (see Section 7.5). 

7.2

Controlled access

The drive has two security providers (SPs) called the "Admin SP" and the "Locking SP”. These act as gatekeepers to the drive security

 

services. Security-related commands will not be accepted unless they also supply the correct credentials to prove the requester is 
authorized to perform the command.

7.2.1

Admin SP

The Admin SP allows the drive's owner to enable or disable firmware download operations (see Section 7.4). Access to the Admin SP

 

is available using the SID (Secure ID) password or the MSID (Manufacturers Secure ID) password.

7.2.2

Locking SP

The Locking SP controls read/write access to the media and the cryptographic erase feature. Access to the Locking SP is available

 

using the BandMasterX or EraseMaster passwords. Since the drive owner can define up to 32 data bands on the drive, each data band

 

has its own password called BandMasterX where X is the number of the data band (0 through 31).

7.2.3

Default password

When the drive is shipped from the factory, all passwords are set to the value of MSID. This 32-byte random value can only be read by

 

the host electronically over the interface. After receipt of the drive, it is the responsibility of the owner to use the default MSID

 

password as the authority to change all other passwords to unique owner-specified values.

Summary of Contents for ST300MM0048

Page 1: ...100799987 Rev A July 2016 Standard Models ST600MM0208 ST300MM0048 Self Encrypting Drive Models ST600MM0218 ST300MM0058 Enterprise Performance 10K HDD v8 SAS Product Manual...

Page 2: ...hen referring to drive capacity one gigabyte or GB equals one billion bytes and one terabyte or TB equals one trillion bytes Your computer s operating system may use a different standard of measuremen...

Page 3: ...ptions 12 4 0 Performance characteristics 13 4 1 Internal drive characteristics 13 4 2 Performance characteristics 13 4 2 1 Format command execution time minutes 13 4 2 2 General performance character...

Page 4: ...romagnetic susceptibility 31 6 6 Mechanical specifications 32 7 0 About self encrypting drives 33 7 1 Data encryption 33 7 2 Controlled access 33 7 2 1 Admin SP 33 7 2 2 Locking SP 33 7 2 3 Default pa...

Page 5: ...rt 41 10 3 SCSI commands supported 42 10 3 1 Inquiry data 46 10 3 2 Mode Sense data 47 10 4 Miscellaneous operating features and conditions 50 10 4 1 SAS physical interface 50 10 4 2 Physical characte...

Page 6: ...put output operations per second 28 Figure 4 300GB at 12Gb DC current and power vs input output operations per second 28 Figure 5 Recommended mounting 30 Figure 6 Mounting configuration dimensions 32...

Page 7: ...s For information regarding Warranty Support visit http www seagate com support warranty and replacements For information regarding data recovery services visit http www seagate com services software...

Page 8: ...on specifications or requirements If integrators are designing a system which will use one of the models listed or future generation products and need further assistance please contact the Field Appli...

Page 9: ...however it is the user s responsibility to assure that the drive meets the appropriate EMI requirements in their system Shielded I O cables may be required if the enclosure does not provide adequate...

Page 10: ...procedures that ensure that restricted substances are not utilized in our manufacturing operations laboratory analytical validation testing and an internal auditing process to ensure that all standar...

Page 11: ...76 xxx SCSI Architecture Model 3 SAM 4 Standard T10 1683 D ISO IEC 14776 xxx SCSI Primary Commands 3 SPC 3 Standard T10 1416 D ISO IEC 14776 xxx SCSI Block Commands 3 SBC 2 Standard T10 1417 D ANSI Sm...

Page 12: ...a low inertia balanced patented straight arm design that provides excellent performance with minimal power dissipation in any orientation 3 1 Standard features Seagate Enterprise Performance 10K HDD d...

Page 13: ...drive capacity Using the Mode Select command the drive can change its capacity to something less than maximum See the Mode Select 6 parameter list table in the SAS Interface Manual part number 1002930...

Page 14: ...4 2 1 Format command execution time minutes Execution time measured from receipt of the last byte of the Command Descriptor Block CDB to the request for a Status Byte Transfer to the Initiator excludi...

Page 15: ...enabled and disabled independently using the Mode Select command however in actual operation the prefetch feature overlaps cache operation somewhat as described in sections 4 5 1 and 4 5 2 All defaul...

Page 16: ...um and Good status has already been returned a deferred error will be generated The Synchronize Cache command may be used to force the drive to write all cached write data to the medium Upon completio...

Page 17: ...ions but not caused by the read If an unrecoverable data error is detected a MEDIUM ERROR 03h in the Sense Key will be reported Multiple unrecoverable data errors resulting from the same cause are tre...

Page 18: ...e When a disk is powered on by switching the power or hot plugged the drive runs a self test before attempting to communicate on its interfaces When the self test completes successfully the drive init...

Page 19: ...essing delay is summarized below Reporting control Reporting is controlled by the MRIE bits in the Informational Exceptions Control mode page 1Ch Subject to the reporting method For example if the MRI...

Page 20: ...porting Informational Exceptions field MRIE on the Informational Exceptions Control IEC mode page 1Ch 5 2 6 Drive Self Test DST Drive Self Test DST is a technology designed to recognize drive fault co...

Page 21: ...hort test or 010b for the extended test in bytes 1 bits 5 6 and 7 5 2 6 2 3 Short and extended tests DST has two testing options 1 short 2 extended These testing options are described in the following...

Page 22: ...ort the diagnostic To abort a DST executing in background mode use the abort code in the DST Function Code field This will cause a 01 self test aborted by the application client code to appear in the...

Page 23: ...de page START STOP UNIT command method Use the START STOP UNIT command OPERATION CODE 1Bh This allows the host to directly transition the drive to any supported PowerChoice mode If both the Power Cond...

Page 24: ...and accumulated Start Stops and Load Unload cycles Power Condition Transitions Log Page reports log page 0x1A subpage 0x00 Accumulated transitions to Active Idle_A Idle_B Idle_C Standby_Y Standby_Z 6...

Page 25: ...ting current peak DC DC 3 0 73 1 00 peak AC AC 3 0 90 1 35 Delayed motor start max DC 1 4 0 31 0 06 2 30 Operating current random read Typical DC 1 6 0 37 0 35 6 01 Maximum DC 1 0 39 0 36 6 24 Maximum...

Page 26: ...ition is defined as random 4K block reads 7 During idle the drive heads are relocated every 30 seconds to a random location within the band from three quarters to maximum track Table 3 300GB 5xx nativ...

Page 27: ...start are measured after a 10 minute warm up 5 No terminator power 6 3 1 Conducted noise immunity Noise is specified as a periodic and random distribution of frequencies covering a defined frequency...

Page 28: ...Seagate Enterprise Performance 10K HDD v8 Product Manual Rev A 27 Figure 2 Current profiles for 300GB models Note All times and currents are typical See Section 6 3 for maximum current requirements...

Page 29: ...ical axis To calculate BTUs per hour multiply watts by 3 4123 Figure 3 600GB at 12Gb DC current and power vs input output operations per second 300GB models in 12Gb operation To obtain operating power...

Page 30: ...o condensation on the drive occurs Maximum wet bulb temperature is 84 2 F 29 C a Operating 5 to 95 non condensing relative humidity with a maximum gradient of 20 per hour b Non operating 5 to 95 non c...

Page 31: ...ve Shock may be applied in the X Y or Z axis Shock is not to be repeated more than once every 2 seconds b Non operating The limits of non operating shock shall apply to all conditions of handling and...

Page 32: ...ery potential application environment Users should use caution exposing any electronic components to uncontrolled chemical pollutants and corrosive chemicals as electronic drive component reliability...

Page 33: ...ed mounting configuration dimensions See Section 9 3 Drive mounting Figure 6 Mounting configuration dimensions Weight 600GB models 490 pounds 222 kilograms 300GB models 481 pounds 218 kilograms Note T...

Page 34: ...to the host system The DEK is itself encrypted when it is stored on the media and when it is in volatile temporary storage DRAM external to the encryption engine A unique data encryption key is used...

Page 35: ...y allocate Band1 by specifying a start LBA and an LBA range The real estate for this band is taken from the Global Band An additional 30 Data Bands may be defined in a similar way Band2 through Band31...

Page 36: ...e however the security and encryption portion of the drive controller ASIC is enabled and functional in the SED models This represents a small additional drain on the 5V supply of about 10mA and a com...

Page 37: ...s error recovery procedures to attempt to recover the data The error recovery procedures used depend on the options previously set in the Error Recovery Parameters mode page Error recovery and defect...

Page 38: ...rewrite fails the sector is re mapped to a spare location This is in contrast to the system having to use the Reassign Command to reassign a location that was unreadable and then generate a write com...

Page 39: ...drive Once a drive is formatted to a PI Type it may be queried by a Read Capacity 16 command to report the PI type which it is currently formatted to PI Types cannot coexist on a single drive A drive...

Page 40: ...ted in any orientation All drive performance characterizations however have been done with the drive in horizontal discs level and vertical drive on its side orientations which are the two preferred m...

Page 41: ...and X is the out of plane surface distortion units in inches or millimeters The out of plane distortion X is determined by defining a plane with three of the four mounting points fixed and evaluating...

Page 42: ...he same or different SCSI domains Each drive port has a unique SAS address The two ports have the capability of independent port clocking e g both ports can run at 12Gb s or the first port can run at...

Page 43: ...e Code page C1h Y Device Behavior page C3h Y Device Identification page 83h Y Extended Inquiry Data page 86h Y Firmware Numbers page C0h Y Jumper Settings page C2h Y Mode Page policy page 87h N Power...

Page 44: ...Y Information Exceptions Control page 1Ch Y Background Scan mode subpage 01h Y Notch and Partition Page 0Ch N Protocol Specific Port page 19h Y Power Condition page 1Ah Y Rigid Disk Drive Geometry pa...

Page 45: ...tize Exit Y Security Protocol In A2h Y SED models only Security Protocol Out B5h Y SED models only Seek 6 0Bh Y Seek 10 2Bh Y Send Diagnostics 1Dh Y Rebuild Assist page 42h Y Supported Diagnostics pag...

Page 46: ...me to complete this command for a SED drive versus a non SED drive of the same capacity 6 Write alignment counters supported 7 Mode Fh is the only activation method supported with mode Eh Write and Ve...

Page 47: ...he product serial number Bytes 16 through 26 reflect model of drive The table above shows the hex values for Model ST600MM0208 Refer to the values below for the values of bytes 16 through 26 of a part...

Page 48: ...tion on the media prior to shipping 3 Current values Current values are volatile values being used by the drive to control its operation A Mode Select command can be used to change the values identifi...

Page 49: ...07 0A 00 14 FF 00 00 00 00 00 FF FF CHG 07 0A 0F FF 00 00 00 00 00 00 FF FF DEF 08 12 14 00 FF FF 00 00 FF FF FF FF 80 20 00 00 00 00 00 00 CHG 08 12 A5 00 00 00 FF FF FF FF 00 00 20 00 00 00 00 00 00...

Page 50: ...07 0A 00 14 FF 00 00 00 00 00 FF FF CHG 07 0A 0F FF 00 00 00 00 00 00 FF FF DEF 08 12 14 00 FF FF 00 00 FF FF FF FF 80 20 00 00 00 00 00 00 CHG 08 12 A5 00 00 00 FF FF FF FF 00 00 20 00 00 00 00 00 0...

Page 51: ...ts of Seagate s SAS drives are provided in the SAS Interface Manual Figure 9 Physical interface Table 11 Miscellaneous features Supported Feature or condition N Automatic contingent allegiance N Async...

Page 52: ...Seagate Enterprise Performance 10K HDD v8 Product Manual Rev A 51 Figure 10 SAS device plug dimensions...

Page 53: ...Seagate Enterprise Performance 10K HDD v8 Product Manual Rev A 52 Figure 11 SAS device plug dimensions detail...

Page 54: ...SAS pin descriptions Short pin to support hot plugging Power Disable T10 Industry Standard for remote management of the end device Allows power cycling power saving to be controlled by the host via i...

Page 55: ...return current must be distributed as evenly as possible among the pins Current to the drive through the long power pins may be limited by the system to reduce inrush current to the drive during hot...

Page 56: ...amplitude and emphasis values to the channel The receiver still employs Decision Feedback Equalizer DFE and Feed Forward Equalizer FFE circuitry to accomplish this training 10 7 Additional information...

Page 57: ...nited States 408 658 1000 ASIA PACIFIC Seagate Singapore International Headquarters Pte Ltd 7000 Ang Mo Kio Avenue 5 Singapore 569877 65 6485 3888 EUROPE MIDDLE EAST AND AFRICA Seagate Technology SAS...

Reviews:

Related manuals for ST300MM0048